Technology

Time for All Windows Users to FREAK Out Over Encryption Bug

In this April 2, 2014 file photo, Microsoft CEO Satya Nadella gestures during the keynote address of the Build Conference in San Francisco. Microsoft on Thursday, July 17, 2014 announced it will lay off up to 18,000 workers over the next year. (AP Photo/Eric Risberg, File)
In this April 2, 2014 file photo, Microsoft CEO Satya Nadella gestures during the keynote address of the Build Conference in San Francisco. (AP Photo/Eric Risberg, File)

 

(Computer World) – Microsoft on Thursday confirmed that Windows was vulnerable to FREAK attacks, and researchers changed their tune, saying Internet Explorer (IE) users were at risk.

The news was a turnabout from earlier in the week, when researchers initially fingered only Apple’s iOS and OS X and Google’s Android operating systems as those that could fall victim to cybercriminals spying on purportedly secure communications between browsers and website servers.

By adding Windows to the list, the number of jeopardized users jumped dramatically: Windows powered 92% of all personal computers last month.

In a security advisory released Thursday, Microsoft said Windows was, in fact, vulnerable to FREAK (Factoring attack on RSA-EXPORT Keys).

“Microsoft is aware of a security feature bypass vulnerability in Secure Channel (Schannel) that affects all supported releases of Microsoft Windows,” Microsoft said in the advisory. “Our investigation has verified that the vulnerability could allow an attacker to force the downgrading of the cipher suites used in an SSL/TLS connection on a Windows client system.”

READ MORE

Tags
Show More

Related Articles

Leave a Reply

Back to top button

Subscribe today for free and be the first to have news and information delivered directly to your inbox.


By submitting this form, you are consenting to receive marketing emails from: Washington Informer Newspaper, 3117 Martin Luther King Jr. Ave SE, Washington, DC, 20032, http://www.washingtoninformer.com. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Adblock Detected

Please consider supporting us by disabling your ad blocker
%d bloggers like this: